Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

As stated in my recent blog, CISO: Chief Cybersecurity Warrior Leader, I define warrior-leadership as a term that combines the concepts of leadership and expertise in the field of cybersecurity with the mindset and traits of a warrior. A warrior mindset helps leaders remain calm, focused, and effective in addressing and resolving complex challenges.

Security teams are faced with an ongoing challenge when it comes to exposure and vulnerability management. It’s not the actual discovery of the vulnerability that poses the challenge, but what to do once you discover one. Without a structured process, IT and security teams struggle to address vulnerabilities efficiently, and are in a constantly reactive mode, and struggle to address vulnerabilities efficiently, increasing potential risks.

A Cybersecurity Warrior Leader is a term that combines the concepts of leadership and expertise in the field of cybersecurity with the mindset and traits of a warrior. These individuals function as CISOs and vCISOs in project and operational roles leading programs, initiatives, teams, and organizations in defending against cyber threats, while exhibiting key qualities associated with warriors, such as strategic thinking, resilience, and a strong sense of duty.

This blog post provides a high-level overview of the latest cybersecurity threats for the month of March, to inform businesses and tech users about key risks. For detailed technical insights, refer to the accompanying PowerPoint briefing available here. Cybersecurity threats escalated in March, with significant attacks, breaches, and vulnerabilities impacting organizations worldwide. From ransomware surges to exploited software flaws, businesses faced a challenging landscape.

Content originally published in Cybersecurity Insiders.

In today’s competitive digital landscape, data is at the heart of business operations. Every transaction, login, and digital interaction generates data, which, when leveraged effectively, drives growth, enhances customer experiences, and improves operational efficiency. However, collecting and managing this data comes with risks—particularly through data logging and data hashing.

Governments across the globe have introduced new legislation to address the escalating risks of cybersecurity threats. In 2021, the United States issued executive order 14028, requiring government agencies to develop a plan for implementing a zero-trust security strategy. This included rolling out multi-factor authentication (MFA), data encryption, and ensuring employees have secure access to the data and applications they need on their devices according to the principle of least privilege access.

Generative AI is changing industries by making automation, creativity, and decision-making more powerful. But it also comes with security risks. AI models can be tricked into revealing information, generating harmful content, or spreading false data. To keep AI safe and trustworthy, experts use GenAI Red Teaming. This method is a structured way to test AI systems for weaknesses before they cause harm.

Between December 2024 and February 2025, the LevelBlue MDR team saw over a dozen attempts and a handful of successful intrusions by threat actors (TAs). Internally, we broadly attribute these attacks to the Black Basta ransomware gang. As outlined by other cybersecurity researchers’ reporting of similar tactics, techniques, and procedures (TTPs) observed; there is a high probability that this activity is from affiliate groups or initial access brokers.

Preparing evidence for a HITRUST Validated Assessment is a detailed process that requires careful organization, proper documentation, and alignment with HITRUST’s control framework. By following the below steps, you will be better prepared for the HITRUST Validated Assessment, increasing your chances of successfully achieving certification.